Vulnerability Details CVE-2006-0312
create.php in aoblogger 2.3 allows remote attackers to bypass authentication and create new blog entries by setting the uza parameter to 1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.127
EPSS Ranking 93.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2006-01/0322.html
- http://evuln.com/vulns/37/summary.html
- http://mikeheltonisawesome.com/viewcomments.php?idd=46
- http://secunia.com/advisories/16889
- http://www.securityfocus.com/bid/16286
- http://www.vupen.com/english/advisories/2006/0240
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24143
- http://archives.neohapsis.com/archives/bugtraq/2006-01/0322.html
- http://evuln.com/vulns/37/summary.html
- http://mikeheltonisawesome.com/viewcomments.php?idd=46
- http://secunia.com/advisories/16889
- http://www.securityfocus.com/bid/16286
- http://www.vupen.com/english/advisories/2006/0240
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24143
Products affected by CVE-2006-0312
-
cpe:2.3:a:mike_helton:aoblogger:2.3